Trends in Critical Infrastructure Protection

CIPRE 2018

Klaus Kursawe, [email protected]



One slide about me

• In digital security since 1998 (IBM Research, KU Leuven)
• Missed opportunity award: doing a PhD on blockchains in 2001 and then abandoning the topic
• Philips Research
  • First lessons in the economics of security: try adding $1 of security to a $1000 TV set
  • Politics of standardization
  • Healthcare: first devices where failure kills
• Assistant professor at Radboud University
  • Do the fun stuff: privacy protection, breaking stuff
• Co-founder and chief scientist of ENCS
  • Red/blue and awareness trainings
  • Non-sexy but highly relevant stuff, e.g., procurement
  • Founders and their babies… it’s complicated
• GridSec.org
  • Work with infrastructure owners & suppliers on securing their systems, write runbooks, give trainings, …

Rocket Science

The most complex machine ever built, the space shuttle has more than 2.5 million parts, including almost 370 kilometers (230 miles) of wire, more than 1,060 plumbing valves and connections, over 1,440 circuit breakers, and more than 27,000 insulating tiles and thermal blankets.

http://spaceflight.nasa.gov/

The European power distribution grid has more than 260 million endpoints, connected by 10 million kilometers (6.2 million miles) of power lines, 10,000 connections to the high-voltage grid and 4 million transformers, and is maintained by 2,400 distribution companies. By 2020, an estimated 45 billion investment is expected for smart meters alone.

What is the Smart Grid?

Take probably the most complex system built by mankind, run by roughly 3000 organizations in Europe alone, and whose failure would be pretty much the end of civilization, and make it a 100 billion Euro IT project with a timespan of 5-10 years.

This is the Smart Grid.

http://www.computerweekly.com/opinion/Six-reasons-why-the-NHS-National-Programme-for-IT-failed
http://sunnyday.mit.edu/accidents/Ariane5accidentreport.html

Added fun: Active disruptions

• Added challenge: There are no coincidences

Smart Metering/IoT Security Issues

A real world authentication protocol

Client: Execute command X

Device: Password required. Password is “Xt6dfTy%$7!”

Client: Erm… “Xt6dfTy%$7!” ?

Device: Password accepted. Executing command. Have a nice day.
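Added example (not part of the slides): the exchange above, simulated in Python beside a challenge-response in which the device never reveals the secret and a captured tag cannot be replayed. The device classes, the reply strings, the "open breaker" and "read register" commands and the nonce handling are assumptions for illustration; the password is the one on the slide.

```python
"""Added example: the slide's 'real world authentication protocol' next to a
challenge-response that never puts the secret on the wire. Devices, messages
and commands are constructed for this illustration."""
from __future__ import annotations
import hashlib
import hmac
import secrets

SECRET = b"Xt6dfTy%$7!"  # the password from the slide, shared by device and operator


class LeakyDevice:
    """The slide's protocol: the device hands out its own password."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self.executed: list[str] = []

    def request(self, command: str, password: bytes | None = None) -> str:
        if password is None:
            # This is the vulnerability: the secret goes in clear to whoever asked.
            return f"Password required. Password is {self._secret.decode()}"
        if hmac.compare_digest(password, self._secret):
            self.executed.append(command)
            return "Password accepted. Executing command. Have a nice day."
        return "Password rejected."


class ChallengeResponseDevice:
    """Hardened variant: the caller proves knowledge of the secret with an
    HMAC over a fresh, single-use nonce and the command itself."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._pending: set[bytes] = set()
        self.executed: list[str] = []

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    @staticmethod
    def tag(secret: bytes, nonce: bytes, command: str) -> bytes:
        # Length-prefix the nonce so nonce||command cannot be re-split by an attacker.
        msg = len(nonce).to_bytes(1, "big") + nonce + command.encode()
        return hmac.new(secret, msg, hashlib.sha256).digest()

    def request(self, command: str, nonce: bytes, tag: bytes) -> str:
        if nonce not in self._pending:
            return "Unknown or already used challenge."
        self._pending.discard(nonce)  # single use: a replay with this nonce fails
        if hmac.compare_digest(tag, self.tag(self._secret, nonce, command)):
            self.executed.append(command)
            return "Executing command."
        return "Authentication failed."


def eavesdropper_attacks_leaky(device: LeakyDevice, command: str = "open breaker") -> bool:
    """An attacker who never knew the secret simply asks for it."""
    reply = device.request(command)
    leaked = reply.split("Password is ", 1)[1].encode()
    device.request(command, leaked)
    return command in device.executed


def eavesdropper_replays_challenge_response(device: ChallengeResponseDevice) -> bool:
    """Attacker records one legitimate exchange and replays the captured tag:
    with the old nonce, with a fresh nonce, and for another command."""
    nonce = device.challenge()
    tag = device.tag(SECRET, nonce, "read register")  # the legitimate operator
    device.request("read register", nonce, tag)
    replays = [
        device.request("read register", nonce, tag),               # old nonce again
        device.request("read register", device.challenge(), tag),  # new nonce, old tag
        device.request("open breaker", device.challenge(), tag),   # other command
    ]
    return all(r != "Executing command." for r in replays)


def legit_operator_succeeds(device: ChallengeResponseDevice) -> bool:
    nonce = device.challenge()
    reply = device.request("read register", nonce, device.tag(SECRET, nonce, "read register"))
    return reply == "Executing command."


if __name__ == "__main__":
    print("leaky device compromised:", eavesdropper_attacks_leaky(LeakyDevice(SECRET)))
    print("replays rejected:", eavesdropper_replays_challenge_response(ChallengeResponseDevice(SECRET)))
```

The tag binds nonce and command, so a recorded "read register" tag is useless for "open breaker", and the nonce is consumed on first use, so recording a legitimate session gives the eavesdropper nothing to replay.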

Know thy System (asset management)

“We have no idea how many devices we have in the field”

“We hope with the smart grid we finally find out where our cables are”

“We’re not sure what this computer does, but we don’t dare turning it off”

“Security is the responsibility of X, isn’t it ?”

“We designed that system to control a street light, now it controls our substations”

Experiences from a Testlab: Security Hygiene

• There is enormous value in a good risk analysis… but…
  • You don’t ask which bacteria exactly you mitigate by washing your hands after going to the toilet
• No self-made, non-expert-reviewed cryptography
  • You can argue IF to encrypt, but rarely HOW
• Updatability
  • Security ages. New attacks come, protocols get broken, … Deal with it.
• Basic physical security for devices in the field
  • In some countries, organised crime is already on it
• Robust interfaces
  • If a random message can crash your device, you’re in trouble
• Basic manufacturing security
  • Who can change your code? Whom do you depend on?
• (Usually) none of this is expensive, but it makes a huge difference!
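Added example (not from the slides) for the "robust interfaces" point: a toy field-device frame parser that a random message can crash, its bounds-checked counterpart, and a small fuzz loop that tells them apart. The frame layout (type, length, payload, checksum), the size limit and the checksum are constructed for this example; on a real device the naive parser's exception would be an out-of-bounds read and a reboot.

```python
"""Added example: a frame parser that trusts its length field, a hardened
one, and a fuzz loop. Frame layout is constructed for this illustration:
1-byte type, 2-byte big-endian payload length, payload, 2-byte checksum."""
from __future__ import annotations
import random
import struct

MAX_PAYLOAD = 256  # constructed limit; a real device takes it from its spec


def checksum16(data: bytes) -> int:
    return sum(data) & 0xFFFF


def parse_naive(frame: bytes) -> tuple[int, bytes]:
    """Trusts the length field and the frame size. Short or oversized input
    raises IndexError/struct.error: the 'random message crashes the device' case."""
    ftype = frame[0]
    length = struct.unpack(">H", frame[1:3])[0]
    payload = frame[3:3 + length]
    (chk,) = struct.unpack(">H", frame[3 + length:5 + length])
    if chk != checksum16(payload):
        raise ValueError("bad checksum")
    return ftype, payload


def parse_robust(frame: bytes) -> tuple[int, bytes] | None:
    """Every field is bounds-checked before use; malformed input yields None,
    never an exception, and nothing past the buffer is ever read."""
    if len(frame) < 5:
        return None
    ftype = frame[0]
    length = int.from_bytes(frame[1:3], "big")
    if length > MAX_PAYLOAD or len(frame) != 5 + length:
        return None
    payload = frame[3:3 + length]
    chk = int.from_bytes(frame[3 + length:5 + length], "big")
    if chk != checksum16(payload):
        return None
    return ftype, payload


def build_frame(ftype: int, payload: bytes) -> bytes:
    return (bytes([ftype]) + len(payload).to_bytes(2, "big") + payload
            + checksum16(payload).to_bytes(2, "big"))


def fuzz(parser, iterations: int = 5000, seed: int = 1) -> int:
    """Feed random bytes and mutated valid frames to parser; count crashes,
    i.e. any exception other than the parser's explicit checksum rejection."""
    rng = random.Random(seed)
    crashes = 0
    for _ in range(iterations):
        if rng.random() < 0.5:
            frame = bytes(rng.getrandbits(8) for _ in range(rng.randint(0, 12)))
        else:
            frame = bytearray(build_frame(1, b"temp=21.5"))  # a valid reading
            if rng.random() < 0.5:
                frame[1:3] = rng.randint(0, 0xFFFF).to_bytes(2, "big")  # corrupt length
            else:
                frame = frame[:rng.randint(0, len(frame))]              # truncate
            frame = bytes(frame)
        try:
            parser(frame)
        except ValueError:
            pass  # explicit rejection is the intended behaviour
        except Exception:
            crashes += 1
    return crashes


if __name__ == "__main__":
    print("naive parser crashes:", fuzz(parse_naive))
    print("robust parser crashes:", fuzz(parse_robust))
```

Both parsers accept the same well-formed frames; only the naive one turns a one-byte message or a lying length field into a crash, which is exactly the property a test lab checks before a device goes into the field.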

Attacks past and present

(Figure: incidents the US ICS-CERT responded to, Oct 2012 to May 2013. Source: ICS-CERT)

Organized crime

• EneMalta, 2012-2014
  • Damage est. $41 million direct damage in 2012
  • Offered for $1600 per meter
• Puerto Rico
  • Ca. 10% of all meters affected
  • Damage est. $400 million
  • Offered for $300-$1000 per residential meter, $3000 for commercial ones
• More incidents known, but not public
• As with early set-top boxes, poor security is a good way to train mediocre attackers into good ones

The Ukraine hack at Prykarpattyaoblenergo

• ~60 substations (230,000 households) taken offline
• Firmware of control devices destroyed
• Operators’ PCs wiped
• DoS on the telephone helplines of the energy company
• Same malware (BlackEnergy3) found elsewhere in the EU and US

“Power could be restored due to well trained and established manual procedures”
• This will stop working in ca. 5 years

Triton/Trisis/Hatman

In 2017, a sophisticated attack was found on a Triconex SIS (safety instrumented system)

The attack was found because a bug caused the system to shut down the plant

Once inside the system, it is practically undetectable

The payload had not been uploaded, so we don’t know what the end goal was.

How to hack a cow, or, what is a critical infrastructure anyhow?

Usable Security: On Humans

Humans are idiots, because...

• They plug in USB sticks

• They open PDF files

• They visit websites

• They read their mail

• They use short passwords they can remember

• They reuse their passwords

• ...

Maybe we got something wrong there.

Security is like the brakes on your car.

– Their function is to slow you down.
– But their purpose is to allow you to go fast.
– In the Smart Grid, we are in the process of buying a new car - now we have the unique opportunity to get a really good one!

Security as a Business Enabler

Security is like corporate law…

We wish we lived in a world where it is not necessary, but we don’t.

… Ignore it, and you are in trouble
… hire a normal lawyer, and he will tell you what not to do
… hire a good lawyer, and he will tell you how to do it
… hire an excellent lawyer, and he will enable things you never imagined

Further reading

• http://cambridgeriskframework.com/page/20

• http://www.ee-isac.eu/

[email protected]

On Humans

Humans are idiots, because...

• They plug in USB sticks

• They open PDF files

• They visit websites

• They read their mail

• They use short passwords they remember or write them down

• They reuse their passwords

• ...

Awareness alone is not enough

• Targeted social engineering is practically undefeatable
• Technology switches faster than people can learn
• External dependencies are hard to avoid (Wifi on the train?)
• There are so many issues, no one has the discipline to never fail
• Enough suspicious things happen due to incompetence
• People need tools in addition to awareness
  • E.g., Yubikey
  • E.g., Tor Browser bundle
  • E.g., Qubes OS

Security as a Business Enabler

• Security is like the brakes on your car.
  • Their function is to slow you down.
  • But their purpose is to allow you to go fast.
  • In the Smart Grid, we are in the process of buying a new car - now we have the unique opportunity to get a really good one!

Use Safety Policies

Bridges are designed so they get clearly visible cracks long before they break

Further reading

• http://oesterreichsenergie.at/branche/stromnetze/sicherheitsanforderungen-fuer-smart-meter.html (community feedback most welcome!)

• http://cambridgeriskframework.com/page/20

Klaus Kursawe, [email protected]

Non Technical Aspects

Technology can only work if the organisation is ready

Add security and provide help to internal processes, e.g., procurement

Accountability (with authority)

Personnel Training

Security as part of the Business planning & change management

Conflicts between IT and Operational Departments

Homomorphic One Way Functions

(Figure: lego bricks; combining two inputs and then mapping them gives the same brick as mapping each input and combining the images.)

x → g^x
y → g^y
x + y → g^x · g^y = g^(x+y)

Aggregate Comparison

Meters report m1, m2, m3, m4; the substation measures m_total.
Each meter publishes only its image H(m_i) = g^(m_i).

H(m1) · H(m2) · H(m3) · H(m4) = H(m1 + m2 + m3 + m4) = H(m_total) ?

Do the measurements at the meters correspond to the one at the substation?
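Added example (not from the slides): the aggregate comparison above, with H(m) = g^m computed in a multiplicative group so that the product of the meters' images is checked against the image of the substation's total without the substation ever seeing an individual reading. The group parameters are toy assumptions for this example (p = 2^61 - 1, a Mersenne prime, and g = 3); a deployment would use a standardised group and a blinded commitment, see the note below.

```python
"""Added example: the slide's homomorphic one-way function H(m) = g^m and the
meters-versus-substation check. Group parameters are toy assumptions."""
from __future__ import annotations
from functools import reduce

P = 2**61 - 1  # toy modulus (assumption): a prime this small is NOT secure
G = 3          # toy generator (assumption)


def H(m: int) -> int:
    """The one-way function of the slide: m -> g^m mod p. Readings are
    non-negative integers, e.g. Wh."""
    if m < 0:
        raise ValueError("readings must be non-negative integers")
    return pow(G, m, P)


def combine(images: list[int]) -> int:
    """The '+' on the slide's bricks: addition in the exponent is
    multiplication of the images modulo p."""
    return reduce(lambda a, b: a * b % P, images, 1)


def substation_check(meter_images: list[int], m_total: int) -> bool:
    """The substation holds only the images H(m_i) it received from the
    meters and its own measured total; it tests prod H(m_i) == H(m_total)."""
    return combine(meter_images) == H(m_total)


def demo(readings: list[int], measured_total: int) -> bool:
    """Meters publish H(m_i); the substation verifies against its own total."""
    return substation_check([H(m) for m in readings], measured_total)


if __name__ == "__main__":
    meters = [1200, 830, 0, 2044]  # constructed readings in Wh, sum 4074
    print("honest meters:", demo(meters, sum(meters)))
    print("one meter under-reports by 1000 Wh:", demo([1200, 830, 0, 1044], sum(meters)))
```

Two caveats a practitioner will run into. With the small ranges of real readings, g^m is one-way only in name: anyone can recover m by trying all plausible values, so a deployment blinds each value (a Pedersen commitment g^m · h^r); the r values add up the same way and the check above is unchanged. And losses between meters and substation make exact equality fail, so the substation compares against a band of candidate totals rather than a single value.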

Further steps…

• Fit the protocol into industry requirements
  • Message size must stay constant
  • Has nothing to do with lego slides anymore, but who cares
• Build an efficiency/integration demonstrator
  • Show performance and interoperability
  • Get a second publication out of it (yeah!)
• Integrate into existing standards
  • Needs to fit into the DLMS/COSEM data structure
• Build a business case
  • More usable data the legal way! Easy to pass a Privacy Impact Assessment! No problem complying with 20 different regulations!
• Lobby for an industry standard consortium
• Write the standards document yourself

Security in the Smart Grid

Klaus Kursawe, [email protected]

One word about me

• In digital security since 1998 (IBM Research, KU Leuven)
• Started with smart energy around 2008 via ZigBee (back then for Philips)
• Academic side via Radboud University
  • Part of US/EU working groups, e.g., NISTIR 7628, EG2, M/490, M/441
• Privacy for smart meters
  • Cryptanalysis of metering protocols
• CTO/Chief Scientist of ENCS
  • Red/blue and awareness trainings
  • Research lead, EU project acquisition & execution
  • (Testing)
  • Procurement requirements
• Mostly working with TSOs/DSOs
  • Collaboration with vendors, with care

How your phone connects to WIFI

Phone: Is Chania OldPort WIFI there?
Phone: Is CHANIA_CITINET there?
Phone: Is EC_Hotspot there?
Phone: Is Madonna Studios there?

Rogue access point: Yes, and it’s me!
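Added example (not from the slides): detection logic for the exchange above, run over a constructed monitor-mode log. A phone that probes for every network it remembers leaks its preferred-network list; an access point that answers "yes, that's me" to probes for networks it never beaconed is the signature of a rogue responder. The log format, the MAC addresses and the thresholds are assumptions for this example.

```python
"""Added example: spot a 'yes, that's me' responder and list-leaking clients
in a constructed 802.11 management-frame log. Format and thresholds are
assumptions for this illustration."""
from __future__ import annotations
from collections import defaultdict

# Constructed sample log: "time kind src-mac \"ssid\"", one management frame per line.
SAMPLE_LOG = """\
10:00:01 PROBE_REQ  a4:5e:60:11:22:33 "Chania OldPort WIFI"
10:00:01 PROBE_REQ  a4:5e:60:11:22:33 "CHANIA_CITINET"
10:00:01 PROBE_REQ  a4:5e:60:11:22:33 "EC_Hotspot"
10:00:01 PROBE_REQ  a4:5e:60:11:22:33 "Madonna Studios"
10:00:02 PROBE_RESP 00:c0:ca:aa:bb:cc "Chania OldPort WIFI"
10:00:02 PROBE_RESP 00:c0:ca:aa:bb:cc "CHANIA_CITINET"
10:00:02 PROBE_RESP 00:c0:ca:aa:bb:cc "EC_Hotspot"
10:00:02 PROBE_RESP 00:c0:ca:aa:bb:cc "Madonna Studios"
10:00:02 BEACON     00:c0:ca:aa:bb:cc "Free Wifi"
10:00:03 PROBE_RESP 64:70:02:dd:ee:ff "CHANIA_CITINET"
10:00:03 BEACON     64:70:02:dd:ee:ff "CHANIA_CITINET"
"""


def parse(log: str) -> list[tuple[str, str, str, str]]:
    """Return (time, kind, mac, ssid) per line; SSIDs may contain spaces."""
    records = []
    for line in log.splitlines():
        if not line.strip():
            continue
        head, _, ssid = line.partition(' "')
        time, kind, mac = head.split()
        records.append((time, kind, mac.lower(), ssid.rstrip('"')))
    return records


def rogue_responders(records, max_unrelated: int = 2) -> dict[str, set[str]]:
    """BSSIDs that answered probes for more than max_unrelated SSIDs they
    never beaconed. A legitimate AP only answers for networks it serves."""
    beaconed: dict[str, set[str]] = defaultdict(set)
    answered: dict[str, set[str]] = defaultdict(set)
    for _, kind, mac, ssid in records:
        if kind == "BEACON":
            beaconed[mac].add(ssid)
        elif kind == "PROBE_RESP":
            answered[mac].add(ssid)
    return {mac: answered[mac] - beaconed[mac]
            for mac in answered
            if len(answered[mac] - beaconed[mac]) > max_unrelated}


def leaking_clients(records, min_ssids: int = 3) -> dict[str, set[str]]:
    """Clients whose directed probe requests reveal a preferred-network list."""
    probed: dict[str, set[str]] = defaultdict(set)
    for _, kind, mac, ssid in records:
        if kind == "PROBE_REQ" and ssid:
            probed[mac].add(ssid)
    return {mac: ssids for mac, ssids in probed.items() if len(ssids) >= min_ssids}


if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    print("rogue responders:", rogue_responders(recs))
    print("clients leaking their network list:", leaking_clients(recs))
```

The second AP in the sample answers only for the network it beacons and is not flagged; the first answers for all four remembered networks of the phone while beaconing something else entirely, which is what the slide's attacker does.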

The European power distribution grid has more than 260 million endpoints, connected by 10 million kilometers (6.2 million miles) of power lines, 10,000 connections to the high-voltage grid and 4 million transformers, and is maintained by 2,400 distribution companies. By 2020, an estimated 600 billion investment is expected for the smart grid.

Hacking Demo

Quantifying the problem

• If the attacker is good, they will stay completely invisible
  • Flame, Gauss, Stuxnet 0.5, NSA surveillance
• Victims are too embarrassed to report incidents
  • Reputation damage often bigger than crime damage
  • This will change with the new NIS regulation
• Black swan effect
  • Visible incidents rare but high impact
  • This is hard to include in business planning

Security and Privacy no longer optional

NIS Directive

• Explicitly includes the energy sector
• Support and obligation:
  • Duty to take “appropriate technical and organisational measures”
  • Duty to inform authorities of any significant incident
  • “Sanctions provided must be effective, proportionate, and dissuasive”
• (Part of) the approach: certification

General Data Protection Regulation: up to 2% of worldwide revenue fine for data protection violations (might increase to 5% or 100 million; the adopted GDPR sets the ceiling at 4% or EUR 20 million)

Sources:
European Commission, General Data Protection Regulation, COM(2012) 11 final, 2012/0011 (COD)
European Commission, NIS Directive, COM(2013) 48 final, 2013/0027 (COD)

The Grid Today

• Blind but happy
  “We know we have a blackout somewhere because we’re watching Twitter”
  “We don’t know what’s going on, but we can operate with that”
• Organically grown
  “We hope with the smart grid we finally figure out where our cables are”
• Extremely conservative design
  “We need to be able to understand and fix everything ourselves”
  “We measure the lifetime of our equipment in decades”
• Analog
  “If we want something switched, someone goes there to pull the switch”

(Figure: attacker tiers: low hanging fruits, insiders, professionalised attackers, nation state actors)

Special Challenges in Critical Infrastructures

Defender

• System design
  • Geographical spread, real time, experience, fragile devices, inexperienced vendors, long device lifetime, safety constraints
• Consequences
  • Grid has higher uptime than Google
  • The kind of attacks we see in the PC world are intolerable
  • Physical damage/death/national collapse
• More fuzzy input (weather, solar eclipses, …)

IT/OT “Integration”

OT in the past:

• Disconnected

• Debugability & Interoperability (=insecurity) by design

• Most security controls are a safety hazard

• “If I implement this patch, could somebody die ?”

• Lots of pride into their machine

Attacker Challenges & Drivers

• No proven business model
• Hard to understand processes and to do real damage
  • Stuxnet needed a complete copy for testing
• Human error/taking shortcuts
• Fun/reputation
  • No real damage intended, but may cause unintended trouble
  • Low sense of responsibility
• Researchers/hackers/Brenno de Winter
  • Show what’s possible
  • Can feed other actors
• Hacktivism
  • Deface websites, cause minor blackouts
• Collateral damage
  • Just trying to send spam, ransomware, …
• Small commerce
  • Energy theft, cannabis plantations
• Disgruntled employees
  • (Reputation) damage
• Big commerce
  • Blackmail, prevent electric vehicles
• Nation state actors
  • Strategic assets, espionage, sabotage, hybrid warfare

What now?

100% security is a myth for salespeople. Breaching a system is only a matter of effort.

But what we can do...

...increase the attacker expertise level required

...increase the effort (money, time) of an attack

...increase the risk of detection

...implement incident handling

...make security (somewhat) measurable

...do this in a well designed, future proof, economic way

...do it at a pace we can handle

Security from an Economic View

“A system is secure, if the expected benefit for the attacker is lower than their expected costs (or, if they can get the same benefit cheaper in a different way)” *

“A system is secure enough, if the remaining risk (impact * probability of an incident) is acceptable” **

* Sadly, some attackers are poor economists. Or not driven by money in the first place.

** Both impact and probability can be rather difficult to determine

Mitigation steps…

• Good security requirements need to be implemented and independently tested
  • If you don’t ask for security, you don’t get it
  • This still needs work on the buyers’ side in the integration
• IT security expertise needs to be brought in to shortcut 10 years of learning (with care)
  • We don’t have 10 years
  • Power is too critical to learn on the job
• Monitoring (of both network and threats) is vital
  • And contingency plans need to be ready if something is found
• The business model needs to assure interest in long-term security for all participants

Case Study: Stuxnet

• Four novel attack technologies
• Double-digit millions in attacker cost
• Two nation state actors
• Likely use of field agents
• Multi-year attack preparation
• Likely rebuild of entire facility
• Attack on at least 2 software vendors

And still it got found & handled!

RSA Data Breach of 2011

We know we cannot keep qualified attackers out anymore. Plan B is:

• Good monitoring
• Initiating countermeasures on small incidents
• Pre-planned and pre-approved incident response plans

The Ukraine hack at Prykarpattyaoblenergo

• ~40 substations (230,000 households) taken offline
• Firmware of control devices destroyed
• Operators’ PCs wiped
• DoS on the telephone helplines of the energy company
• Same malware (BlackEnergy3) found elsewhere in the EU and US

“Power could be restored due to well trained and established manual procedures”
• This will stop working in ca. 5 years

Security as an Organization Issue

“When the security tests of our smart meters failed badly, it turned out there was no one in the entire organization whose fault it was.”

“It was the job of the IT department to order the SCADA component. They were scared of it and outsourced everything to an external party. Once the system arrived, they were no longer responsible and left.”

"We have reorganized so often, no one knows who's responsible for what anymore.“

“Our meters are legally classified as critical infrastructure because of the remote-disconnect switch. If we had seen that before, we never would have implemented it.”

Case Study: Maroochy Wastewater Treatment

• Feb 9 till April 23, 2000, a disgruntled ex-employee of the wastewater management system reversed pumps, leading to massive damage and inconvenience

Training: Engineers saw what was happening, but did not suspect a security issue for several weeks
Policy: Ex-employee had access to radio equipment
Technology: Security measures existed, but were turned off

• Make risk assessments
• Procurement
• Know your supply chain
• Define use cases
  • Resist the temptation of doing things because you can
• Insider
• Prevent systems from being used outside their risk assessment
• Beware of charlatans

Who is responsible?

(Figure: the NISTIR 7628 cyber security strategy, with the steps external dependency analysis, 4c vendor requirements and 5b penetration test highlighted. Source: NISTIR 7628 Cyber Security Strategy)

Priorities and Escalation

“To install our product, we need a copy of your Active Directory Server”(i.e., all your passwords)

“If we are to provide warranty, we need remote access (our way) as well as the following changes to your architecture…”

Way out: Procurement must require that the vendor lists all requirements on access, architecture and information needed to install and maintain the product, and provides all warranties, before the procurement decision is made.

On Humans

Humans are idiots, because...

• They plug in USB sticks

• They open PDF files

• They visit non-work related websites

• They read their mail

• They use short passwords

• They reuse their passwords

• ...

Privacy enhancing technologies

IT vs OT

ENISA: Appropriate Measures for the Smart Grid

Other incidents

• Ukraine substation sabotage

• Energetic Bear

• Aurora

• DSO Pentest

• Cambridge Center for Risk Studies

• Austrian Communication Collapse

International Collaboration

• Everybody has the same issues.
  • Also, everybody is low on resources to resolve them
  • Security is not a competitive issue
  • Time is running very short (e.g., EU2020 goals)
  • It is all interdependent, anyway
• Coordinated requirements make for cheaper and better components & solutions
  • Coordinated vendor requirements
  • Create a market for secure products
• Shared learning from experience
  • Share incidents, experiences, approaches that work
  • Banks have been doing this for years

Root causes

• Security is hard!

• Other communities needed years to learn (e.g., WEP Security)

• Security is new for most control systems professionals

• Control systems are new for most security professionals

• Time/Price pressure

• Organizational Challenges

• Inexperienced Players / Immature Market

• Difficult Business model for security

How did we get there ?

How to measure temperature in a substation

• SOAP/Java: good interoperability.
• MySQL database: persistent storage.
• Apache webserver: reliable communication.
• Linux server: proven operating system.

How to measure temperature in a substation

• SOAP/Java
• MySQL database [1,211,154 lines of code]
• Apache webserver [2,277,189 lines of code]
• Linux server [15,803,499 lines of code]

“One of the design goals for SOAP was that it should easily pass through firewalls.”

“Barclays: 97% of data breaches still due to SQL injection”

See the OWASP Top 10 for ways to misconfigure your web server (substation record: 7/10)

“Industry average: 1 security-relevant bug per 1000 lines of code.”
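Added example (not from the slides): the SQL injection the Barclays figure refers to, placed in the substation temperature service the slide describes, as a vulnerable query beside its parameterised form. The schema, the readings, the two service functions and the injection strings are constructed for this example (sqlite3 in memory, no network); the string-interpolation bug is the same against MySQL behind an Apache/Java front end.

```python
"""Added example: a substation temperature lookup with the request parameter
pasted into SQL, next to the parameterised version. Data and schema are
constructed for this illustration."""
import sqlite3


def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE readings (substation TEXT, sensor TEXT, temp_c REAL, secret_note TEXT)"
    )
    con.executemany("INSERT INTO readings VALUES (?, ?, ?, ?)", [
        ("SS-01", "transformer-1", 61.5, "maintenance window 03:00"),
        ("SS-01", "busbar-A", 38.2, ""),
        ("SS-02", "transformer-1", 70.9, "oil sample overdue"),
        ("SS-03", "transformer-2", 55.0, ""),
    ])
    return con


def temps_vulnerable(con: sqlite3.Connection, substation: str) -> list:
    """The request parameter becomes part of the statement: a quote in the
    input ends the string literal and the rest is executed as SQL."""
    sql = f"SELECT sensor, temp_c FROM readings WHERE substation = '{substation}'"
    return con.execute(sql).fetchall()


def temps_parameterised(con: sqlite3.Connection, substation: str) -> list:
    """The driver transmits the value separately from the statement, so the
    input can only ever be compared, never executed."""
    sql = "SELECT sensor, temp_c FROM readings WHERE substation = ?"
    return con.execute(sql, (substation,)).fetchall()


TAUTOLOGY = "' OR '1'='1"  # turns the WHERE clause into 'always true'
EXFIL = "x' UNION SELECT substation, secret_note FROM readings --"  # reads another column


def demo() -> dict:
    """Run both implementations against an honest input and both payloads."""
    con = make_db()
    return {
        "honest": temps_parameterised(con, "SS-01"),
        "vuln_tautology": temps_vulnerable(con, TAUTOLOGY),
        "vuln_union": temps_vulnerable(con, EXFIL),
        "param_tautology": temps_parameterised(con, TAUTOLOGY),
        "param_union": temps_parameterised(con, EXFIL),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```

The tautology returns every substation's readings from the vulnerable function; the UNION payload returns a column the service never meant to expose. The parameterised function returns nothing for either, because there is no substation literally named `' OR '1'='1`.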

Information vs Process Security

• Control
  – Being able to send control commands to the process
• Observability
  – Knowing the state of the process and its components
• Operations
  – The process should always operate within its safety boundaries, even without human interaction

Reality Check

• The security maturity level in this area is insufficient

• Culture shock for both security- and power communities

• Money is there (somewhere)

• Safety culture can be morphed into security culture

• Not all functionality will be activated at once

Strategy: Buy time and design for upgradability along a mid-term security roadmap to achieve a reasonable level of security by the time critical components go online.

In the meantime, get to work.

Pragmatic Security

• Low hanging fruits
  • The NSA can bring you down anyhow
  • The 12-year-old might find it cool
  • Default passwords (if at all), web attacks, …
• Keep it simple
  • Complexity leads to error
  • Feature creep kills
  • Say no to SOAP, Java, Flash, …
  • Your PLC does not need Apache
• Define what you want and what you don’t
  • Clear requirements make clear code
  • A lot of systems put IT in “because we can”
  • E.g., … why do I need a smart meter anyhow? And why by 2020?
• Compromise
  • Passwords on sticky notes actually might make sense

Security in 2013

• Over 552 million identities stolen in 2013 alone
  • Credit card numbers, social security numbers, mothers’ maiden names, …
• That’s only the ones we know of

Sources: Symantec Internet Security Threat Report 2014, Bloomberg

Is this problem real?

• If the attacker is good, they will stay completely invisible
  • Flame, Gauss, Stuxnet 0.5, NSA surveillance
• Victims are too embarrassed to report incidents
  • Reputation damage often bigger than crime damage
  • This will change with the new NIS regulation
• Black swan effect
  • Visible incidents rare but high impact
  • This is hard to include in business planning

Who would attack me (and how)?

Where do MY attacks come from?

(Figure: incidents the US ICS-CERT responded to, Oct 2012 to May 2013. Source: ICS-CERT)

(Figure: attacker tiers: low hanging fruits, professionalised attackers, nation state actors)

How your phone connects to WIFI

Phone: Is Chania OldPort WIFI there?
Phone: Is CHANIA_CITINET there?
Phone: Is EC_Hotspot there?
Phone: Is Madonna Studios there?

Rogue access point: Yes, that’s me.

What can we do?

Security as an Economic Game

“A system is secure, if the expected benefit for the attacker is lower than their expected costs” *

“A system is secure enough, if the remaining risk (impact * probability of an incident) is acceptable” **

* Sadly, some attackers are poor economists. Or not driven by money in the first place.

** Both impact and probability can be rather difficult to determine

Stuxnet

• Four novel attack technologies
• Double-digit millions in cost
• Two nation state actors
• Use of field agents
• Multi-year attack preparation
• Likely rebuild of entire facility
• Attack on at least 2 software vendors

And still it got found & handled!

The need to Redesign the Wheel

Process-vs. Data Security

Huge Geographic Scale

Inexperienced suppliers and owners

Long System Lifetime

Inhomogeneous market & regulation,Slow action from lawmakers

Standard IT components too insecure

International Collaboration

• Everybody has the same issues.
  • Also, everybody is low on resources to resolve them
• Security is not a competitive issue
• Time is running very short (e.g., EU2020 goals)
• It is all one grid, anyway
• Coordinated requirements make for cheaper and better components
  • Coordinated vendor requirements
  • Create a market for secure products
• Shared learning from experience
  • Share incidents, experiences, approaches that work
  • Banks have been doing this for years

Non Technical Aspects

Technology can only work if the organisation is ready

Add security and provide help to internal processes, e.g., procurement

Accountability (with authority)

Personnel Training

Security as part of the Business planning

Conflicts between IT and Operational Departments

The Security CIRCLE

Security is a process, not a product

Protect
• Security architecture
• Vendor requirements
• Penetration tests
• Trained personnel

Detect
• Monitor everything
• Spot anomalies
• “Big Data” to find small failures

React
• Incident response plan
• Forensic analysis

Understand
• Use case analysis
• Threat intelligence, risk analysis
• Impact analysis
• Clear responsibilities

Security as a Business Enabler

Security professionals are like corporate lawyers.

• We’d love to live in a world where they wouldn’t be necessary. Sadly, we don’t.
• If you don’t have one, eventually you’ll get into trouble.
• A bad one will tell you what not to do.
• A good one will tell you how to do it.
• A really good one will enable things you didn’t think possible.

[email protected]

BACKUP SLIDES

• USB (NSA technology trickling down)

• Wireless

• Heartbleed/Shellshock

Lessons Learned

• Training
  • The effects had been seen for months, but observers needed 5 weeks to suspect an attack
• Policy
  • Exit policy: attacker could leave with radio equipment, passwords,

Is this problem real ?

• If the attacker is good, they will stay completely invisible
  • Flame, Gauss, Stuxnet 0.5, NSA surveillance
• Victims are too embarrassed to report incidents
  • Reputation damage often bigger than crime damage
  • This will change with the new NIS regulation
• Black swan effect
  • Visible incidents rare enough to not be included in business planning

Set-Top Boxes

• Do your testing ahead

• Getting things right early

Drone Control System

BACKUP

Who is attacking my Grid: Dragonfly (2013)

• Targeted more than a thousand major grid operators, suppliers and generation firms
• Compromised update sites for several vendors
• Advanced phishing methods (watering-hole attacks) and highly professional tools
• “Its current main motive appears to be cyberespionage, with potential for sabotage a definite secondary capability”
• Attackers worked 9-17 in the Moscow time zone

In 2007, Russian “patriots” launched a multi-stage cyberattack on the country of Estonia, to “protect Mother Russia from […] Estonian Fascists.”

Why is it so easy? Insecurity by design

Nation State Actors & Organised Crime Capacities

Evolutionary Security: Learning from Aircraft Safety

Goal: No aircraft of the fleet must have a critical failure during the lifetime of the fleet.

Given the amount of components and code, this is not possible to build.

Security is like the brakes on your car.

– Their function is to slow you down.
– But their purpose is to allow you to go fast.
– In the Smart Grid, we now have the unique opportunity to design a really good car!

Security as a Business Enabler

Programming Errors

Nation State Actors

Smart Grid Security

“The electric grid is an engineering marvel, arguably the single largest and most complex machine in the world.”

Random guy I found on the Internet

What is the Smart Grid, anyway ?

CASE STUDY: PAY TV SET-TOP BOXES

Initial boxes easy to break by hobbyists.

As security gradually increased, so did the competence and distribution network of the attacker.

When they got security right, they faced well-funded and connected professionals

Allegedly, some hackers were also funded by competitors; one company went bust over the financial losses

Outsourcing testing to the attackers leads to well trained attackers. Understanding who is after you is vital.

The need to Redesign the Wheel

Process-vs. Data Security

Huge Geographic Scale

Inexperienced suppliers and owners

Long System Lifetime

Inhomogeneous market & regulation, slow action from lawmakers

Standard IT components too insecure

• Training Results

• Pre-Defined Scenarios

• Responsibilities

• I want to change my mother's maiden name

• IT/OT

• Know thy system

New Developments

• The Magic of modern Privacy Enhancing Technologies

– (Don't mention the GDPR)

• The Difference between Santa Claus and the Blockchain

– (Only one of them performs miracles)

• The specter of Quantum Computing

– (If you think you understand it, it's proof you don't)

Forbes.com

Gentry’s fully homomorphic revelation came to him as he sat in a New York City cafe that summer. The encryption method that intrigued him allows a few multiplications or additions of encrypted data. But it suffers from an interesting handicap. Every arithmetic step unavoidably introduces small amounts of error into the encrypted data. Performing just a dozen or so computations corrupts the data to the degree that it can no longer be accurately decrypted.

Gentry’s insight was to double-encrypt the data in such a way that the errors could be removed, so to speak, in the dark. By periodically unlocking the inner layer of encryption underneath an outer layer of scrambling, the cloud computer would clean up its messes as it went along, without ever seeing the secret data. It took Gentry another 15 minutes to realize that he’d just solved an epic cryptographic problem.

Gentry’s elegant solution has a catch: It requires immense computational effort. In the case of a Google search, for instance, performing the process with encrypted keywords would multiply the necessary computing time by around 1 trillion, Gentry estimates. But now that Gentry has broken the theoretical barrier to fully homomorphic encryption, the steps to make it practical won’t be far behind, predicts professor Rivest. “There’s a lot of engineering work to be done,” he says. “But until now we’ve thought this might not be possible. Now we know it is.”


Homomorphic Encryption:

Complicated, don’t understand.

Useless.

One way functions

In reality: Hash function (SHA1), Exponentiation in finite groups.

One way function:

Homomorphic One Way Functions

(Slide illustration: adding two values on the plaintext side corresponds to combining their images on the one-way side.)

$x \to g^{x}$

$y \to g^{y}$

$x + y \to g^{x} \cdot g^{y} = g^{x+y}$

Aggregate Comparison

(Slide illustration: meters $m_1, m_2, m_3, m_4$ each report $H(m_i)$; the substation reports $H(m_{total})$.)

$H(m_1) + H(m_2) + H(m_3) + H(m_4) = H(m_1 + m_2 + m_3 + m_4) = H(m_{total})$ ?

Do the measurements at the meters correspond to the one at the substation?
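The aggregate comparison above, as an added example that is not from the slides: the homomorphic one-way function realised as exponentiation in a finite group, H(m) = g^m mod p (the second instance named on the "One way functions" slide), with the substation check run over constructed meter readings. The group parameters, function names and readings are all assumptions for the demo; the "+" the slide writes between hashes becomes multiplication in the group.

```python
import random

def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test (probabilistic; error below 4**-rounds)."""
    if n < 2:
        return False
    for s in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits=64, seed=1):
    """Constructed demo group: safe prime p = 2q + 1 and g of prime order q (real use: a standardised, far larger group)."""
    rng = random.Random(seed)
    while True:
        q = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # odd, top bit set
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4  # 4 = 2**2 is a square, hence in the order-q subgroup

def H(m, p, g):
    """One-way (inverting it is a discrete log) and homomorphic: H(a) * H(b) = H(a + b) mod p."""
    return pow(g, m, p)

def aggregate_matches(meter_hashes, substation_hash, p):
    """The checker multiplies the published H(m_i); it never sees any reading m_i."""
    prod = 1
    for h in meter_hashes:
        prod = prod * h % p
    return prod == substation_hash

if __name__ == "__main__":
    p, q, g = make_group()
    readings = [12, 7, 30, 5]  # constructed meter readings; their sum must stay below q
    hashes = [H(m, p, g) for m in readings]
    print(aggregate_matches(hashes, H(54, p, g), p))  # True: meters agree with the substation
    print(aggregate_matches(hashes, H(55, p, g), p))  # False: a tampered or mismatched total
```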

Further steps…

• Fit the protocol into industry requirements

– Message size must stay constant

– Has nothing to do with lego slides anymore, but who cares

• Build an efficiency/integratability demonstrator

– Show performance and interoperability

– Get a second publication out of it (yeah!)

• Integrate into existing standards

– Needs to fit into the DLMS/COSEM data structure

• Build the business case

– More usable data the legal way! Easy to pass a Privacy Impact Assessment! No problem complying with 20 different regulations!

• Lobby for industry standard consortium

• Write Standards document yourself

Blockchain: What it is

Blockchain: What it does

• Distributed Byzantine Fault Tolerant total order protocol

– No single entity needs to be trusted*

• Agreement on what events happened in what order

• * Of course, if you just download the code from a centralized entity…

Blockchain

• It does not replace secure end devices

– Garbage in, garbage out

• It does not replace public key cryptography

– You still need to identify users/devices

• It does not necessarily provide privacy

– There's a reason it's called a public ledger

– Fun exercise: Request your data to be deleted from the Bitcoin Blockchain

• It does not provide causality

– Don't use it for the stock market

• It's a legal swamp

– Is an exploit in a smart contract a hack, or fulfilling a bad contract?

A Quantum Confusion

What it does

• Test $n$ values in $\sqrt{n}$ time

– This means the key length of symmetric cryptography effectively halves.

• Way out: Double the key length of symmetric cryptography

• Factor large numbers

• Compute a discrete logarithm

– This breaks all commonly used public key cryptography

• Way out: Back to the drawing board

Quantum Cryptography

• Totally different

• Exchange keys between two parties over a dedicated glass fibre line